Tag: hackers

Is the Vietnamese government following China’s example, and muffling online dissent to pursue its own political ends? Internet giant Google seems to think so. Writing on the company’s online security blog, Neel Mehta of Google’s security team has revealed that tens of thousands of Vietnamese computers were subject to a potent virus attack this week–and that the attack targeted activists who are opposed to a Chinese mining project in Vietnam.

Google writes that the activists mistakenly downloaded malicious software that infected their computers. The infected machines could be used to spy on the users, and were also used to attack Web sites and blogs that voiced opposition to the mining project. This cyber attack, Google says, was an attempt to “squelch” opposition to bauxite mining in Vietnam, a highly controversial issue in the country. The computer security firm, McAfee Inc, which detected the malware, went a step further, saying its creators “may have some allegiance to the government of the Socialist Republic of Vietnam.” The Vietnamese Foreign Ministry had no immediate comment [Moneycontrol].

Google’s current spat with China began with a similar accusation, when the company accused Beijing of hacking into and spying on Chinese activists’ Gmail accounts. Just this week, journalists in China said their email accounts were compromised because of yet another spyware attack.

Spanish authorities announced this week that they shut down what appears to be the largest botnet ever discovered.

The Mariposa botnet, which first appeared in 2008, was a network of nearly 13 million virus-infected PCs, remotely operated by thieves stealing private information from computers in half the Fortune 1000 companies and 190 countries. Though three men are now in custody, worries over the bot are far from over.

Juan Salon at the Spanish Civil Guard was relieved to catch the three men, aged between 25 and 31, whose names have not yet been released. But the guard was troubled to find that none of the three possessed the technical know-how to design something like the Mariposa. “We have not arrested the creator of the botnet. We have arrested the administrators of the botnet, the ones who spread it and were administering and controlling it,” Salon said [San Jose Mercury News]. They are following a fourth suspect, he says.

Are the world’s most popular search engine and the world’s most populous country headed for a breakup? That’s the word reverberating around the Internet today after Google said it would no longer put up with the Chinese government’s demands to censor the Internet and the rampant hacking attempts against it, which could result in the company ending its Chinese operations.

The announcement came as a stunning reversal for Google, which had capitulated to the government’s wishes to gain access to China’s fast-growing population of Internet users. Since arriving in 2006 under an arrangement with the government that purged its Chinese search results of banned topics, Google has come under fire for abetting a system that increasingly restricts what can be read online [The New York Times].

Are your phone conversations about to become less secure? A German encryption expert says he’s cracked the two-decade-old algorithm that protects most of the world’s cellphones: GSM (Global System for Mobile communication).

Karsten Nohl says his intentions were noble; he wanted to show the world that though GSM protects 80 percent of the cellphones in the world, it’s far from invincible. “This shows that existing G.S.M. security is inadequate,” Mr. Nohl, 28, told about 600 people attending the Chaos Communication Congress, a four-day conference of computer hackers that runs through Wednesday in Berlin. “We are trying to push operators to adopt better security measures for mobile phone calls” [The New York Times].

The U.S. military does not think much of Iraqi militants’ technological capabilities. How else to explain the fact that their Predator drone surveillance planes used unencrypted links to send data down to their military operators? The lack of encryption means that the drones’ data is less secure than most home wireless internet networks, a serious vulnerability in the unmanned aerial network.

According to a story in The Wall Street Journal today, video feeds from Predator drones have been intercepted by militants in Iraq. Senior defense and intelligence officials said Iranian-backed insurgents intercepted the video feeds by taking advantage of an unprotected communications link in some of the remotely flown planes’ systems. Shiite fighters in Iraq used software programs such as SkyGrabber — available for as little as $25.95 on the Internet — to regularly capture drone video feeds, according to a person familiar with reports on the matter [The Wall Street Journal]. Officials are saying that they don’t believe militants were able to take control of the drones, but by downloading the videos they were able to keep up with which areas were being monitored.

For an organization dedicated to not letting anything get by them, the Transportation Security Administration seriously dropped the ball this week when a full copy of its standard operating procedures for airport security leaked on the Web.

TSA officials said that the manual was posted online in a redacted form on a federal procurement Web site, but that the digital redactions were inadequate. They allowed computer users to recover blacked-out passages by copying and pasting them into a new document or an e-mail [Washington Post]. Among the information accidentally made public in the PDF: pictures of the passes that CIA officials and members of Congress use, as well as a list of the 12 countries whose passport holders are flagged for extra security checks. The document also revealed technical settings used by airport X-ray and explosive-detecting machines.

SwiftHack, ClimateGate—whatever you want to call the response to hackers stealing and releasing a bevy of e-mails from the Hadley Climatic Research Unit (CRU) at the University of East Anglia in the U.K., the furor simmers still. Now, as the university begins its official inquiry into the incident, climatologist Phil Jones has stepped aside as the head of the CRU pending the result.

In addition, Penn State University said it would review the papers of Michael Mann, the RealClimate blogger and Penn State researcher whose name appears in many of the East Anglia e-mails. Mann responded to the criticisms of his words here.

It started off innocently enough, with a Rickroll—when the first iPhone worm turned up in Australia two weeks ago, it changed its victim’s wallpaper to a portrait of “Never Gonna Give You Up” singer/Internet sensation Rick Astley. But now iPhone worms have turned malicious.

But by this week, some iPhones were victimized by the “Duh” worm, which steals personal banking info. Like the rickrolling original, the new malicious code targets only jailbroken iPhones—those on which the owner has circumvented the Apple operating system to hack the phone. It is specifically targeting people in the Netherlands who are using their iPhones for internet banking with Dutch online bank ING. It redirects the bank’s customers to a lookalike site with a log-in screen [BBC News]. An iPhone could spread the worm to others that use the same wi-fi hotspot.

As for Apple’s response to the growing iPhone threats? Don’t hack your phone, genius. Apple spokesperson Natalie Harrison says, “As we’ve said before, the vast majority of customers do not jailbreak their iPhones, and for good reason. These hacks not only violate the warranty, they will also cause the iPhone to become unstable and not work reliably” [The Loop].

Only a small percentage of iPhone users hack the device, so relatively few people are susceptible to this latest attack. Yet some researchers say the worm confirms that attacks against mobile users are evolving, and that cybercriminals are targeting the personal and financial information kept on portable devices. The ability to communicate with a central command-and-control server–a characteristic more commonly associated with hijacked PCs–also makes such software more dangerous [Technology Review].

Many medical devices come equipped with wireless communication systems these days, allowing doctors to customize their operations or to see their patients’ information. But fitting pacemakers or implanted defibrillators with WiFi also opens the door to hackers’ attacks. Hackers could potentially steal personal information, remotely drain batteries, or cause a dangerous malfunction, so researchers are working on ways to block them. The approach relies on using ultrasound waves to determine the exact distance between a medical device and the wireless reader attempting to communicate with it [Technology Review]. The plan is to only allow access to a medical device from wireless reading devices within 10 feet, and only then after a series of authentication steps. However, in the event of an emergency, the medical device would grant access to anyone within a few inches of the device. In other words, to anyone close enough to assist.

The research team also has to consider how much power their security measures will drain from the devices, which is a not-so-trivial point for a battery-operated pacemaker. But Claude Castelluccia, who was involved with designing the security system, said that because the device won’t respond to requests that come from outside the predetermined distance, it would also be harder for an attacker to wear down the battery by forcing it to process one request after another [Technology Review]. To test their system, researchers recently implanted a medical device in the stomach of a cow, and they’re currently shopping their patented technology to potential developers.

The first worm to infect iPhones is squirming through phones in Australia, spreading the face of the 1980s pop singer Rick Astley throughout the land. On infected phones, the wallpaper changes to a glamor shot of Astley, with a line of type that declares “Ikee is never going to give you up.”

As savvy internet users know, the iPhone has just been Rickrolled. For several years, the bait-and-switch trick has caused internet users to click on a link that looks relevant or promising, only to be led to Astley’s 1987 video, “Never Gonna Give You Up.”

However, only iPhone users who have ‘jailbroken’ their phones will be affected by the worm. Jailbreaking an iPhone involves running a program that circumvents the official Apple operating system and allows users to run software on their phone that has not been approved by Apple [Telegraph]. The worm preys specifically on iPhone users who haven’t changed their default passwords on an application called secure shell (SSH), which allows file transfers between smart phones.

The iPhone worm doesn’t appear to be a malicious or criminal act. Instead, it seems to be half warning, half prank. Ikee’s author, who identifies himself or herself as “ikex” in the worm’s source code, also wrote in the code that “People are stupid, and this is to prove it so,” adding that users should read their phones’ manuals. “It’s not that hard, guys,” ikex writes. “But hey who cares its only your bank details at stake” [Forbes].

The worm’s creator was later identified as 21-year-old Ashley Towns, a programmer who lives near Sydney; no word yet on whether Towns will face any repercussions for his trick.